We use iptables to reroute any incoming connection to the listening port. ‘reverse_tcp _allports’ is used to to brute-force all the ports from. Then it makes it difficult for the attacker to set a port for listening. ‘reverse_tcp’ only allows connection to one port, but if the victim has blocked outgoing connections except a few ports. This table has three predefined chains: PREROUTING, OUTPUT und POSTROUTING. The important rules regarding NAT are – not very surprising – found in the ‘nat’-table. We will use the command utility ‘iptables’ to create complex rules for modification and filtering of packets. This framework enables a Linux machine with an appropriate number of network cards (interfaces) to become a router capable of NAT. The Linux kernel usually possesses a packet filter framework called netfilter (Project home: ). Network Address Translation generally involves “re-writing the source and/or destination addresses of IP packets as they pass through a router or firewall” (from )
